summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Mackerras <paulus@ozlabs.org>2016-08-10 03:13:09 +0200
committerPaul Mackerras <paulus@ozlabs.org>2016-08-19 05:00:06 +0200
commite48ba1cbce12eb4546771d45c09dd94c3404efe8 (patch)
tree3e4faac42cacb007e71e72cc95e5bb3fc00273ee
parentLinux 4.8-rc2 (diff)
downloadlinux-e48ba1cbce12eb4546771d45c09dd94c3404efe8.tar.xz
linux-e48ba1cbce12eb4546771d45c09dd94c3404efe8.zip
KVM: PPC: Book3S: Don't crash if irqfd used with no in-kernel XICS emulation
It turns out that if userspace creates a pseries-type VM without in-kernel XICS (interrupt controller) emulation, and then connects an eventfd to the VM as an irqfd, and the eventfd gets signalled, that the code will try to deliver an interrupt via the non-existent XICS object and crash the host kernel with a NULL pointer dereference. To fix this, we check for the presence of the XICS object before trying to deliver the interrupt, and return with an error if not. Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
-rw-r--r--arch/powerpc/kvm/book3s_xics.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/arch/powerpc/kvm/book3s_xics.c b/arch/powerpc/kvm/book3s_xics.c
index 05aa11399a78..686147efbac5 100644
--- a/arch/powerpc/kvm/book3s_xics.c
+++ b/arch/powerpc/kvm/book3s_xics.c
@@ -1252,6 +1252,8 @@ int kvm_set_irq(struct kvm *kvm, int irq_source_id, u32 irq, int level,
{
struct kvmppc_xics *xics = kvm->arch.xics;
+ if (!xics)
+ return -ENODEV;
return ics_deliver_irq(xics, irq, level);
}